<?php 


/** 
***************************************************
*欢迎使用免费版xSite企业自助建站软件！
*这是一个专业为搜索引擎营销而设计的，极稳定、极易维护的建站软件！
*官方客服：help@php.net.cn
*官方下载网址：http://www.php.net.cn/xsite/ 
***************************************************
**/




 if (!@set_time_limit (0)) { @ini_set('max_execution_time', 3600); } header("Cache-Control: no-cache, must-revalidate"); header("Content-type: text/html;charset=UTF-8"); error_reporting(E_ALL); require_once "php.net.cn/xsite/include/common.inc.php"; require_once SITE_ROOT . "/admin/admin.inc.php"; session_save_path(SITE_ROOT . "/data/log"); session_set_cookie_params(time() + 3600); session_name('siteteam'); if (!isset($_COOKIE['IS_ADMIN'])) { setcookie("IS_ADMIN", "1", time() + 31104000, '/'); } $onlineip = remote_ip(); $longip = ip2long($onlineip); if(!(substr($onlineip, 0, 1) == '0' || substr($onlineip, 0, 3) == '127' || ($longip >= 167772160 && $longip <= 184549375) || ($longip >= -1408237568 && $longip <= -1407188993) || ($longip >= -1062731776 && $longip <= -1062666241))) { define("ADMIN_IS_LOCAL", false); } else { define("ADMIN_IS_LOCAL", true); } $db = new db_mysql(); $action = empty($_GET['action']) ? empty($_POST['action']) ? empty($_COOKIE['loginid']) ? 'login' : 'index' : $_POST['action'] : $_GET['action']; $operation = empty($_GET['operation']) ? empty($_POST['operation']) ? '' : $_POST['operation'] : $_GET['operation']; if ($action == 'login' && !isset($_SESSION['loginid'])) { require_once SITE_ROOT . "/admin/login.inc.php"; } $user_data_dir = SITE_ROOT . "/data/setting/{$site_url}"; if (!file_exists($user_data_dir))mkdir($user_data_dir); $user_cache_dir = SITE_ROOT . "/data/cache/{$site_url}"; if (!file_exists($user_cache_dir)) mkdir($user_cache_dir); $user_upload_dir = SITE_DIR . "/attachments/{$site_id}"; if (!file_exists($user_upload_dir)) mkdir($user_upload_dir); $user_thumb_dir = "{$user_upload_dir}/thumb"; if (!file_exists($user_thumb_dir)) mkdir($user_thumb_dir); $user_block_dir = $user_data_dir . "/block"; if (!file_exists($user_block_dir))mkdir($user_block_dir); $user_product_upload_dir = SITE_DIR . "/attachments/{$site_id}/product"; if (!file_exists($user_product_upload_dir))mkdir($user_product_upload_dir); $user_page_upload_dir = SITE_DIR . "/attachments/{$site_id}/page"; if (!file_exists($user_page_upload_dir))mkdir($user_page_upload_dir); $user_article_upload_dir = SITE_DIR . "/attachments/{$site_id}/article"; if (!file_exists($user_article_upload_dir))mkdir($user_article_upload_dir); $upload_file_type = array('png', 'jpg', 'bmp', 'gif', 'zip', 'rar', 'txt', 'swf', 'flv', 'mp3', 'wma', 'doc', 'docx'); if (!file_exists(SITE_ROOT . "/data/cache/{$site_url}/config.php") || time() - filemtime(SITE_ROOT . "/data/cache/{$site_url}/config.php") > 86400) { $fp = fopen(SITE_ROOT . "/data/cache/{$site_url}/config.php", "w"); fwrite($fp, '<?php $editor_setting ='.var_export($config, true).';?>'); fclose($fp); } ob_start(); @session_start(); if (!isset($_SESSION['loginid'])) { message("xsite.php?action=login", "你还没有登录"); } $setting = cache_read("setting"); extract($setting); unset($password, $domain[$site_url]['password']); define('SITE_WATERMARK', $watermark); define('SITE_WATERMARK_POSITION', 'BR'); if (!defined ('SITE_THUMB_WIDTH')) define('SITE_THUMB_WIDTH', 160); if (!defined ('SITE_THUMB_HEIGHT'))define('SITE_THUMB_HEIGHT', 120); $site_thumb_width = (isset($TPL_IMAGES_THUMB_WIDTH) && $TPL_IMAGES_THUMB_WIDTH >= 100) ? ($TPL_IMAGES_THUMB_WIDTH) : SITE_THUMB_WIDTH; $site_thumb_height = (isset($TPL_IMAGES_THUMB_HEIGHT) && $TPL_IMAGES_THUMB_HEIGHT >= 100) ? ($TPL_IMAGES_THUMB_HEIGHT) : SITE_THUMB_HEIGHT; if ($action == 'index') { $mainframe = empty($_GET['mainframe']) ? empty($_POST['mainframe']) ? '' : $_POST['mainframe'] : $_GET['mainframe']; $mainframe = rawurldecode($mainframe); include SITE_ROOT . "/admin/tpl/index.tpl.php"; } if ($action == 'topframe') { include SITE_ROOT . "/admin/tpl/topframe.tpl.php"; } if ($action == 'leftframe') { include SITE_ROOT . "/admin/tpl/leftframe.tpl.php"; } if ($action == 'default') { if (!file_exists(SITE_ROOT . "/data/version.txt")) { $c_version = array('id' => '1.0.0.0', 'date' => '1352361237' , 'md5' => '0', 'info' => '由于网络原因，暂无介绍！'); } else { $c_version = read_array_file(SITE_ROOT . "/data/version.txt"); } include SITE_ROOT . "/admin/tpl/default.tpl.php"; } if ($action == 'version') { $json = array(); $json['xsite_statistics'] = 0; if (!file_exists(SITE_ROOT . "/data/cache/version.txt") || (file_exists(SITE_ROOT . "/data/cache/version.txt") && time() - filemtime(SITE_ROOT . "/data/cache/version.txt") > 86400)) { if ($s_version = @file('http://data.php.net.cn/xsite/version.php')) { $s_version = implode('', $s_version); $s_version = unserialize(base64_decode($s_version)); } else { $s_version = array('id' => '1.0.0.0', 'date' => '1352361237' , 'md5' => '0', 'info' => '由于网络原因，暂无介绍！'); } $json['xsite_statistics'] = 1; save_array_file($s_version, SITE_ROOT. "/data/cache/version.txt"); } $s_version = read_array_file(SITE_ROOT . "/data/cache/version.txt"); $json['s_version'] = $s_version; echo array_json_encode($json); } if ($action == 'logout') { ob_start(); session_destroy(); ob_end_flush(); message("xsite.php?action=login"); } if ($action == 'setting') { require_once SITE_ROOT . "/include/class.upload.php"; require_once SITE_ROOT . "/admin/setting.inc.php"; } if ($action == 'nav') { $category = empty($_GET['category']) ? empty($_POST['category']) ? '' : $_POST['category'] : $_GET['category']; $module = empty($_GET['module']) ? empty($_POST['module']) ? '' : $_POST['module'] : $_GET['module']; $parent_category = empty($_GET['parent_category']) ? empty($_POST['parent_category']) ? '' : $_POST['parent_category'] : $_GET['parent_category']; $key = empty($_GET['key']) ? empty($_POST['key']) ? '' : $_POST['key'] : $_GET['key']; $page = empty($_GET['page']) ? empty($_POST['page']) ? 1 : $_POST['page'] : $_GET['page']; $limit = 20; $system_category_file = SITE_ROOT . "/data/setting/{$site_url}/system.category.txt"; $default_category_file = SITE_ROOT . "/data/default.system.category.txt"; $category_file = file_exists($system_category_file) ? $system_category_file : $default_category_file; $theme_info = theme_info($skinid); if ($operation == 'category') { $category_list = read_array_file($category_file); foreach ($category_list as $k=>$v) { $sortid[$k] = array_key_exists("sortid", $v) ? $v['sortid'] : 1; } array_multisort($sortid, SORT_NUMERIC, SORT_DESC, $category_list); $category_tree_list = cat_tree_category('', $category_list); include SITE_ROOT . "/admin/tpl/system_category.tpl.php"; } if ($operation == "category_edit") { if ($module == 'page') { require_once SITE_ROOT . "/admin/system_category_page_edit.inc.php"; } if ($module == 'article') { require_once SITE_ROOT . "/admin/system_category_article_edit.inc.php"; } if ($module == 'product') { require_once SITE_ROOT . "/admin/system_category_product_edit.inc.php"; } if ($module == 'link') { require_once SITE_ROOT . "/admin/system_category_link_edit.inc.php"; } } if ($operation == 'category_del') { $category_info = get_category_info($category); $system_category = get_sys_category($site_url); if (count($system_category) == 1) { message("xsite.php?action=nav&operation=category", "分类不能全部删除，至少要保留一个"); } if ($category_info['module'] == 'page') { require_once SITE_ROOT . "/admin/system_category_page_del.inc.php"; } if ($category_info['module'] == 'article') { require_once SITE_ROOT . "/admin/system_category_article_del.inc.php"; } if ($category_info['module'] == 'product') { require_once SITE_ROOT . "/admin/system_category_product_del.inc.php"; } if ($category_info['module'] == 'link') { require_once SITE_ROOT . "/admin/system_category_link_del.inc.php"; } } } if ($action == 'page') { $category = empty($_GET['category']) ? empty($_POST['category']) ? '' : $_POST['category'] : $_GET['category']; if (empty($category)) { message("xsite.php?action=nav&operation=category", '缺少分类参数');; } if ($operation == "edit") { require_once SITE_ROOT . "/include/class.upload.php"; require_once SITE_ROOT . "/admin/page_edit.inc.php"; } } if ($action == 'article') { $category = empty($_GET['category']) ? empty($_POST['category']) ? '' : $_POST['category'] : $_GET['category']; $parent_category = empty($_GET['parent_category']) ? empty($_POST['parent_category']) ? '' : $_POST['parent_category'] : $_GET['parent_category']; $key = empty($_GET['key']) ? empty($_POST['key']) ? '' : $_POST['key'] : $_GET['key']; $page = empty($_GET['page']) ? empty($_POST['page']) ? 1 : $_POST['page'] : $_GET['page']; $limit = 20; if (!empty($category)) { $category_dir = $user_data_dir . "/{$category}"; if (!file_exists($category_dir))mkdir($category_dir); } if ($operation == "list") { $category_tree_list = cat_tree_category('', $system_category); $sql = "SELECT COUNT(*) AS num FROM  `{$site_id}_article` AS a WHERE a.`key` > 0"; if (!empty($category)) { $sql .= " AND a.`category` = '{$category}' "; } $db->query($sql); $row = $db->fetchRow(); $row = $row['num']; $multipage = db_multipage($row, $page, $limit); $sql = "SELECT a.* FROM  `{$site_id}_article` AS a WHERE a.`key` > 0"; if (!empty($category)) { $sql .= " AND a.`category` = '{$category}' "; } $sql .= " ORDER BY a.`key` DESC "; $sql .= " LIMIT {$multipage['start_row']}, {$multipage['limit']} "; $db->query($sql); $list = $db->fetchAll(); include SITE_ROOT . "/admin/tpl/article_list.tpl.php"; } if ($operation == 'update_index') { if (!empty($category)) { update_index($category); } message("xsite.php?action=article&operation=list&category={$category}", "更新成功"); } if ($operation == 'update_all_index') { $db->query("TRUNCATE TABLE  `{$site_id}_article`"); foreach ($system_category as $k => $v) { if ($v['module'] == 'article') { if (file_exists("{$user_data_dir}/{$k}")) { update_index($k); } } } message("xsite.php?action=article&operation=list", "更新成功"); } if ($operation == "edit") { $category_tree_list = cat_tree_category('', $article_category); require_once SITE_ROOT . "/include/class.upload.php"; require_once SITE_ROOT . "/admin/article_edit.inc.php"; } if ($operation == "del") { require_once SITE_ROOT . "/admin/article_del.inc.php"; } } if ($action == 'attachments') { $user_attachments_dir = "{$user_upload_dir}"; $attachments_dir = empty($_GET['dir']) ? empty($_POST['dir']) ? '' : $_POST['dir'] : $_GET['dir']; $attachments_dir = rawurldecode($attachments_dir); $attachments_dir = preg_replace('/[\.]+[\/]+/is', '/', $attachments_dir); $attachments_dir = preg_replace('/[\\\\]+/is', '/', $attachments_dir); $attachments_dir = preg_replace('/[\/]+/is', '/', $attachments_dir); $attachments_dir = preg_replace('/^[\/]+/is', '', $attachments_dir); $attachments_dir = preg_replace('/[\/]+$/is', '', $attachments_dir); if (!empty($attachments_dir) && $attachments_dir != '.') { $user_attachments_dir = "{$user_attachments_dir}/{$attachments_dir}"; } $user_attachments_url = SITE_PATH . str_replace(SITE_DIR, '', $user_attachments_dir); if (!preg_match('/^' . preg_quote("{$user_upload_dir}", '/') . '/is', $user_attachments_dir)) { message('xsite.php?action=attachments&operation=list', '目录禁止查看'); } if (empty($attachments_dir)) { $parent_attachments_dir = ''; } else { $parent_attachments_dir = explode('/', $attachments_dir); array_pop($parent_attachments_dir); if (count($parent_attachments_dir)) { $parent_attachments_dir = implode('/', $parent_attachments_dir); } else { $parent_attachments_dir = ''; } } if (!file_exists($user_attachments_dir)) { if (!@mkdir($user_attachments_dir)) { message('xsite.php?action=attachments&operation=list', '目录设置有误'); } } if ($operation == "list") { $dh = opendir($user_attachments_dir); $dir_list = array(); $file_list = array(); while (false !== ($filename = readdir($dh))) { if ($filename == '.' || $filename == '..') continue; $file_list[] = array('name' => $filename, 'uploadtime' => filemtime("{$user_attachments_dir}/{$filename}")); } ksort($file_list); if (is_array($file_list) && count($file_list)) { foreach ($file_list as $k=>$v) { $uploadtime[$k] = array_key_exists("uploadtime", $v) ? $v['uploadtime'] : 0; } array_multisort($uploadtime, SORT_NUMERIC, SORT_DESC, $file_list); } if (is_array($file_list) && count($file_list)) { foreach ($file_list as $k => $v) { if (is_dir("{$user_attachments_dir}/{$v['name']}")) { $dir_list[] = $v; unset($file_list[$k]); } } } include SITE_ROOT . "/admin/tpl/attachments_list.tpl.php"; } if ($operation == "upload") { if (!empty($_POST['dosubmit'])) { require_once SITE_ROOT . "/include/class.upload.php"; $files = array(); foreach ($_FILES['uploadfile'] as $k => $l) { foreach ($l as $i => $v) { if (!array_key_exists($i, $files)) $files[$i] = array(); $files[$i][$k] = $v; } } foreach ($files as $file) { $handle = new Upload($file); if ($handle->uploaded) { $handle->file_overwrite = true; $handle->allowed = array('application/pdf', 'application/msword', 'application/rar', 'application/excel', 'application/x-bzip', 'application/x-bzip2', 'application/x-excel', 'application/x-gzip', 'application/x-rar', 'application/x-zip', 'application/x-zip-compressed', 'application/zip', 'multipart/x-gzip', 'multipart/x-zip', 'text/plain', 'audio/*', 'video/*', 'image/*'); $handle->Process($user_attachments_dir); if (!$handle->processed) { echo '<p class="result">'; echo '  <b>File not uploaded to the wanted location</b><br />'; echo '  Error: ' . $handle->error . ''; echo '</p>'; } } else { } } message("xsite.php?action=attachments&operation=list" . (empty($attachments_dir) ? '' : "&dir={$attachments_dir}")); } else { include SITE_ROOT . "/admin/tpl/attachments_upload.tpl.php"; } } if ($operation == "mkdir") { if (!empty($_POST['dosubmit'])) { $filename = empty($_GET['filename']) ? empty($_POST['filename']) ? 1 : $_POST['filename'] : $_GET['filename']; if (!preg_match('/^[\w\-_]+$/', $filename)) { message("xsite.php?action=attachments&operation=list" . (empty($attachments_dir) ? '' : "&dir={$attachments_dir}"), '文件夹的名字只能是英文字母加数字组成！'); } $filename = "{$user_attachments_dir}/{$filename}"; if (!is_dir($filename)) { mkdir($filename); } message("xsite.php?action=attachments&operation=list" . (empty($attachments_dir) ? '' : "&dir={$attachments_dir}")); } else { include SITE_ROOT . "/admin/tpl/attachments_mkdir.tpl.php"; } } if ($operation == "del") { $filename = empty($_GET['filename']) ? empty($_POST['filename']) ? 1 : $_POST['filename'] : $_GET['filename']; $filename = "{$user_attachments_dir}/{$filename}"; if (is_dir($filename)) { @file_del_dir($filename); } else { @unlink($filename); } message("xsite.php?action=attachments&operation=list" . (empty($attachments_dir) ? '' : "&dir={$attachments_dir}")); } } if ($action == 'product') { $category = empty($_GET['category']) ? empty($_POST['category']) ? '' : $_POST['category'] : $_GET['category']; $parent_category = empty($_GET['parent_category']) ? empty($_POST['parent_category']) ? '' : $_POST['parent_category'] : $_GET['parent_category']; $key = empty($_GET['key']) ? empty($_POST['key']) ? '' : $_POST['key'] : $_GET['key']; $page = empty($_GET['page']) ? empty($_POST['page']) ? 1 : $_POST['page'] : $_GET['page']; $limit = 20; if (!empty($category)) { $category_dir = $user_data_dir . "/{$category}"; if (!file_exists($category_dir))mkdir($category_dir); } if ($operation == "list") { $category_tree_list = cat_tree_category('', $system_category); $keywords = empty($_GET['keywords']) ? empty($_POST['keywords']) ? '' : $_POST['keywords'] : $_GET['keywords']; $sql = "SELECT COUNT(*) AS num FROM  `{$site_id}_product` AS p WHERE p.`key` > 0"; if (!empty($category)) { $sql .= " AND p.`category` = '{$category}' "; } if (!empty($keywords)) { $sql .= " AND p.`name` LIKE '%{$keywords}%' "; } $db->query($sql); $row = $db->fetchRow(); $row = $row['num']; $multipage = db_multipage($row, $page, $limit); $sql = "SELECT p.* FROM  `{$site_id}_product` AS p WHERE p.`key` > 0"; if (!empty($category)) { $sql .= " AND p.`category` = '{$category}' "; } if (!empty($keywords)) { $sql .= " AND p.`name` LIKE '%{$keywords}%' "; } $sql .= " ORDER BY p.`key` DESC "; $sql .= " LIMIT {$multipage['start_row']}, {$multipage['limit']} "; $db->query($sql); $list = $db->fetchAll(); include SITE_ROOT . "/admin/tpl/product_list.tpl.php"; } if ($operation == 'update_index') { if (!empty($category)) { update_index($category); } message("xsite.php?action=product&operation=list&category={$category}", "更新成功"); } if ($operation == 'update_all_index') { $db->query("TRUNCATE TABLE  `{$site_id}_product`"); foreach ($system_category as $k => $v) { if ($v['module'] == 'product') { if (file_exists("{$user_data_dir}/{$k}")) { update_index($k); } } } message("xsite.php?action=product&operation=list", "更新成功"); } if ($operation == 'batch') { $batch_action = empty($_GET['batch_action']) ? empty($_POST['batch_action']) ? '' : $_POST['batch_action'] : $_GET['batch_action']; if (isset($_POST['product_key'])) { $product_key = $_POST['product_key']; } if ($batch_action == 'del') { if (is_array($product_key) && count($product_key)) { foreach ($product_key as $p) { $key = $p; $product_info_file = $user_data_dir . "/{$category}/{$key}.txt"; if (!file_exists($product_info_file)) { $db->delete("{$site_id}_product", " `category` = '{$category}' AND `key` = {$key} "); continue; } $product_info = read_array_file($product_info_file); foreach ($product_info['product_pic'] as $k => $v) { if(!empty($v) && file_exists($v))unlink($v); } if(!empty($product_info['ptitle']) && file_exists($product_info['ptitle']))unlink($product_info['ptitle']); if (@unlink($product_info_file)) { $db->delete("{$site_id}_product", " `category` = '{$category}' AND `key` = {$key} "); } } } } if ($batch_action == 'move') { $new_category_id = empty($_GET['new_category_id']) ? empty($_POST['new_category_id']) ? '' : $_POST['new_category_id'] : $_GET['batch_action']; if (is_array($product_key) && count($product_key)) { foreach ($product_key as $p) { $key = $p; $product_info_file = $user_data_dir . "/{$category}/{$key}.txt"; if (!file_exists($product_info_file)) { $db->delete("{$site_id}_product", " `category` = '{$category}' AND `key` = {$key} "); continue; } $product_new_file = $user_data_dir . "/{$new_category_id}/{$key}.txt"; if (!file_exists($user_data_dir . "/{$new_category_id}") || file_exists($product_new_file)) { continue; } if (copy($product_info_file, $product_new_file)) { if (!unlink($product_info_file)) { @rename($product_info_file, "del_{$product_info_file}.dat"); } $data = array(); $data['category'] = $new_category_id; $db->update("{$site_id}_product", $data, " `category` = '{$category}' AND `key` = {$key} "); } } } } if ($batch_action == 'search') { $keywords = empty($_GET['keywords']) ? empty($_POST['keywords']) ? '' : $_POST['keywords'] : $_GET['keywords']; if (!empty($keywords) && $keywords != "请输入关键词") { $keywords = rawurlencode($keywords); message("xsite.php?action=product&operation=list&category={$category}&keywords={$keywords}"); } } message("xsite.php?action=product&operation=list" . (!empty($category) ? "&category={$category}" : "") . (!empty($page) ? "&page={$page}" : "")); } if ($operation == "edit") { $category_tree_list = cat_tree_category('', $product_category); require_once SITE_ROOT . "/include/class.upload.php"; require_once SITE_ROOT . "/admin/product_edit.inc.php"; } if ($operation == "setting") { require_once SITE_ROOT . "/admin/product_setting.inc.php"; } if ($operation == "pass") { $pass = empty($_GET['pass']) ? empty($_POST['pass']) ? '' : $_POST['pass'] : $_GET['pass']; if ($pass != 1 && $pass != 4) { message("xsite.php?action=product&operation=list&category={$category}" . (!empty($page) ? "&page={$page}" : ""), "请勿非法操作"); } $product_info_file = $user_data_dir . "/{$category}/{$key}.txt"; if (file_exists($product_info_file)) { $product_info = read_array_file($product_info_file); $product_info['pass'] = $pass; save_array_file($product_info, $product_info_file); } $data = array(); $data['pass'] = $pass; $db->update("{$site_id}_product", $data, " `category` = '{$category}' AND `key` = {$key} "); message("xsite.php?action=product&operation=list&category={$category}" . (!empty($page) ? "&page={$page}" : "")); } if ($operation == "headtopic") { $status = empty($_GET['status']) ? empty($_POST['status']) ? '' : $_POST['status'] : $_GET['status']; if ($status != 1 && $status != 8) { message("xsite.php?action=product&operation=list&category={$category}" . (!empty($page) ? "&page={$page}" : ""), "请勿非法操作"); } $product_info_file = $user_data_dir . "/{$category}/{$key}.txt"; if (file_exists($product_info_file)) { $product_info = read_array_file($product_info_file); $product_info['status'] = $status; save_array_file($product_info, $product_info_file); } $data = array(); $data['status'] = $status; $db->update("{$site_id}_product", $data, " `category` = '{$category}' AND `key` = {$key} "); message("xsite.php?action=product&operation=list&category={$category}" . (!empty($page) ? "&page={$page}" : "")); } if ($operation == "del") { require_once SITE_ROOT . "/admin/product_del.inc.php"; } } if ($action == 'report') { $data['company_name'] = $company_name; $data['homepage'] = $site_url; $json = array(); $json['status'] = @post_data(base64_decode('aHR0cDovL2RhdGEucGhwLm5ldC5jbi94c2l0ZS9zdGF0aXN0aWNzLnBocD9hY3Rpb249eHNpdGVfY291bnQ='), $data ); echo array_json_encode($json); } if ($action == 'block') { if (!file_exists("./templates/{$skinid}/block.txt")) { message("xsite.php?action=default", "该套网站模板没有定义HTML碎片，不需要进行该项设置！"); } $BLOCK_HTML = read_array_file("./templates/{$skinid}/block.txt"); if ($operation == "list") { include SITE_ROOT . "/admin/tpl/block_list.tpl.php"; } if ($operation == "edit") { $key = empty($_GET['key']) ? empty($_POST['key']) ? '' : $_POST['key'] : $_GET['key']; if (empty($key)) { message("xsite.php?action=block&operation=list", "HTML块必须指定ID"); } $block_file = "{$user_block_dir}/{$skinid}/{$key}.txt"; if (!file_exists("{$user_block_dir}/{$skinid}")) { mkdir("{$user_block_dir}/{$skinid}"); } if (!empty($_POST['dosubmit'])) { $fp = fopen($block_file, "w"); fwrite($fp, $_POST['html_code']); fclose($fp); message("xsite.php?action=block&operation=edit&key={$key}", "编辑成功"); } else { if (file_exists($block_file)) { $html_code = file_get_contents($block_file); } else { $html_code = ''; } include SITE_ROOT . "/admin/tpl/block_edit.tpl.php"; } } } if ($action == 'ask') { $data = array(); $data['email'] = strip_tags($_POST['email']); $data['homepage'] = $site_url; $data['content'] = strip_tags($_POST['content']); $data['screen'] = ''; if (!empty($_FILES['screen']['name'])) { if (preg_match('/^image\//i', $_FILES['screen']['type'])) { $fileinfo = pathinfo($_FILES['screen']['name']); $filename = "{$user_upload_dir}/public/screen/" . substr(md5($_FILES['screen']['name']), 0, 8) . ".{$fileinfo['extension']}"; if (!file_exists("{$user_upload_dir}/public/screen")) { mkdir("{$user_upload_dir}/public/screen"); } if (file_exists($filename)) { unlink($filename); } if (move_uploaded_file($_FILES['screen']['tmp_name'],$filename)) { $data['screen'] = str_replace(SITE_DIR . '/', '', $filename); $data['screen'] = "http://{$site_url}" . SITE_PATH . "/{$data['screen']}"; } } } if (!empty($data['content'])) { echo post_data(base64_decode('aHR0cDovL2RhdGEucGhwLm5ldC5jbi94c2l0ZS9hc2sucGhwP2FjdGlvbj1tZXNzYWdl'), $data); } else { echo '0'; } } if ($action == 'theme') { $theme = theme_list(); if ($operation == "list") { include SITE_ROOT . "/admin/tpl/theme_list.tpl.php"; } if ($operation == "select") { $theme_key = empty($_GET['key']) ? empty($_POST['key']) ? '' : $_POST['key'] : $_GET['key']; if (!array_key_exists($theme_key, $theme)) { message("xsite.php?action=theme&operation=list", "你选择的模板不存在"); } $settingfile = SITE_ROOT . "/data/setting/{$site_url}/setting.txt"; $defaultsettingfile = SITE_ROOT . "/data/default.setting.txt"; if (file_exists($settingfile) && filesize($settingfile) > 0) { $savedata = read_array_file($settingfile); } else { $savedata = read_array_file($defaultsettingfile); } $savedata['skinid'] = $theme_key; save_array_file($savedata, $settingfile); del_cache("setting"); message("xsite.php?action=theme&operation=list", "模板选择成功！"); } } if ($action == 'tplconfig') { require_once SITE_ROOT . "/include/class.upload.php"; require_once SITE_ROOT . "/admin/tplconfig.inc.php"; } if ($action == 'first') { require_once SITE_ROOT . "/include/class.upload.php"; require_once SITE_ROOT . "/admin/first.inc.php"; } if ($action == 'mobi') { if ($operation == "setting") { require_once SITE_ROOT . "/admin/mobi_setting.inc.php"; } } if ($action == 'profile') { require_once SITE_ROOT . "/admin/profile.inc.php"; } if ($action == 'update_cache') { cache_update("setting"); update_index(); theme_cache(); $file_list = read_dir(SITE_DIR . "/attachments/{$site_id}/thumb"); if (is_array($file_list['file']) && count($file_list['file'])) { foreach ($file_list['file'] as $k => $v) { unlink(SITE_DIR . "/attachments/{$site_id}/thumb/{$v}"); } } message("xsite.php?action=default", "全站缓存已经更新完成！"); } if ($action == 'get_update_file') { require_once SITE_ROOT . "/include/update.inc.php"; require_once SITE_ROOT . "/admin/get_update_file.inc.php"; } if ($action == "unpack_update_file") { require_once SITE_ROOT . "/admin/zip.inc.php"; require_once SITE_ROOT . "/include/update.inc.php"; require_once SITE_ROOT . "/admin/unpack_update_file.inc.php"; } ob_end_flush(); ?>